Hi All, We are currently in process of configuring the Vulnerability Response module on our instance. We are ingesting scan data from Qualys using and Defender using the OOB plugins. On some of our CIs we have both Qualys and Defender running, and t...
I need the value in Approval For field because i have to send notification to the assignment group for Vulnerable Item & Remediation Task requested, approved & reject for Exception request.
Hi all, I would like to enable the export feature that can be found on the SIR workspace, both via the homepage and list view, users have a 'Export' UI action (this appears to be the same functionality as right-clicking on the form header > export > ...
I am considering activating Flow Designer in our Vulnerability Response application.We have only a couple of workflows created historically. Does activating Flow Designer in VR have any adverse effects on current Workflows created? Or is there a mi...
Hi Everyone! Currently when we manually upload Vulnerabilities to create VITs users do not get notified when they are uploaded. I'm trying to figure out the best way to configure an email to be sent to notify users that they need to address this asa...
i need to create SIR Integration group so which roles are suitable for this group can you please suggest me
Hello All, We are seeing this weird behavior on ServicewNow Configuration compliance : >>where in we are using OOB API parameters. >>test results are getting created >>but the amount of failed test results generated by Qualys (weekly qualys report) ...
This is the remediation task rule that is configured in the configuration compliance remediation task rules table (sn_vulc_grouping_rule).What I want is to create remediation task based on the condition that if any of the Test Result is created with ...
Hello all, I just wanted to know if I can set new line "\n" as a delimiter for Splunk ES field mapping. If I do comma separation, the data looks quite shabby, as I'm trying to populate the description field with 8-9 fields. I tried putting "\n" in t...
Hi everyone,I've encountered an issue where some Vulnerability Remediation (VUL) tasks or remediation tasks remain open, despite their associated Vulnerable Items (VITs) being 100% closed. Can anyone help me understand why this discrepancy occurs, an...
Hi All, We have recently gone live with the VR module in ServiceNow and have the integration in place between our Qualys instance. Just after we went live with ServiceNow module, Qualys updated the VMDR module to 2.0 and introduced its QDS scoring m...
Hello All,I'm facing an issue while integrating CrowdStrike Falcon Sandbox with ServiceNow Security Operations. When submitting a URL for malware analysis, I receive the following Error: 'access denied, authorization failed' occurred while submittin...
Hi Folks, I am troubleshooting an issue where in i need to understand the CI mapping rules for VM Rapid & data import. Issue - Rapid7 (Intsights VM) has scanned a asset with URL - xyz.com however when the VI got created it was created with IP address...
Hello everyone, I’m looking to set up a fast-track solution for managing critical CVEs (Common Vulnerabilities and Exposures) that require immediate attention. Here’s a brief overview of what I’m aiming to achieve:Ad Hoc Remediation Targets:I need a ...
Hi All,I need an information regarding cancellation reason of playbook in SIR.On which table the cancellation reason of playbook in security incident is stored in ServiceNow?Thanks,Kushal
